package master.photo.controller.security

import master.photo.domain.security.AppUser
import master.photo.domain.security.UserRole


/**
 * Registration controller.
 */
class RegisterController {
	
	def authenticateService
	def daoAuthenticationProvider
	def emailerService
	
	static Map allowedMethods = [save: 'POST', update: 'POST']
	
	/**
	 * User Registration Top page.
	 */
	def index = {
		
		if (session.id) {
			def person = new AppUser()
			person.properties = params
			return [person: person]
		}
		
		redirect uri: '/'
	}
	
	/**
	 * User Information page for current user.
	 */
	def show = {
		
		// get user id from session's domain class.
		def user = authenticateService.userDomain()
		if (user) {
			render view: 'show', model: [person: AppUser.get(user.id)]
		}
		else {
			redirect action: index
		}
	}
	
	/**
	 * Edit page for current user.
	 */
	def edit = {
		
		def person
		def user = authenticateService.userDomain()
		if (user) {
			person = AppUser.get(user.id)
		}
		
		if (!person) {
			flash.message = "[Illegal Access] User not found with id ${params.id}"
			redirect action: index
			return
		}
		
		[person: person]
	}
	
	/**
	 * update action for current user's edit page
	 */
	def update = {
		
		def person
		def user = authenticateService.userDomain()
		if (user) {
			person = AppUser.get(user.id)
		}
		else {
			redirect action: index
			return
		}
		
		if (!person) {
			flash.message = "[Illegal Access] User not found with id ${params.id}"
			redirect action: index, id: params.id
			return
		}
		
		// if user want to change password. leave passwd field blank, passwd will not change.
		if (params.passwd && params.passwd.length() > 0
		&& params.repasswd && params.repasswd.length() > 0) {
			if (params.passwd == params.repasswd) {
				person.passwd = authenticateService.encodePassword(params.passwd)
			}
			else {
				person.passwd = ''
				flash.message = 'The passwords you entered do not match.'
				render view: 'edit', model: [person: person]
				return
			}
		}
		
		person.email = params.email
		if (params.emailShow) {
			person.emailShow = true
		}
		else {
			person.emailShow = false
		}
		
		if (person.save()) {
			redirect action: show, id: person.id
		}
		else {
			render view: 'edit', model: [person: person]
		}
	}
	
	/**
	 * Person save action.
	 */
	def save = {
		
		def person = new AppUser()
		person.properties = params
		
		def role = UserRole.get(3);
		if (!role) {
			person.passwd = ''
			flash.message = 'Default Role not found.'
			render view: 'index', model: [person: person]
			return
		}
		
		if (params.captcha.toUpperCase() != session.captcha) {
			person.passwd = ''
			flash.message = 'Access code did not match.'
			render view: 'index', model: [person: person]
			return
		}
		
		if (params.passwd != params.repasswd) {
			person.passwd = ''
			flash.message = 'The passwords you entered do not match.'
			render view: 'index', model: [person: person]
			return
		}
		
		person.enabled = true
		person.emailShow = true
		person.userRole = role;
		
		if (person.save()) {
			session['J_USERNAME'] = person.username;
			session['USER_LOGGED_IN'] = person
			redirect controller: 'profile', action: 'create'
		}
		else {
			person.passwd = ''
			render view: 'index', model: [person: person]
		}
	}
}
